CVE-2024-55408

Summary

An improper access control vulnerability in the AsusSAIO.sys driver may lead to the misuse of software functionality utilizing the driver when crafted IOCTL requests are supplied.

Affected Software

VendorProductVersion RangeStatus
ASUSASCIbefore 1.0.30.0affected
ASUSASCIbefore 3.1.41.0affected

Weaknesses

  • CWE-862: CWE-862 Missing Authorization

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References